Andrew Avanessian
May 13th, 2017

WannaCry Ransomware goes global

On Friday, a cyber attack on an unprecedented scale struck a wide range of organizations in over 99 countries across the globe. The ransomware attack, known as WanaCry or WanaCrypt0r, shut down IT systems in NHS hospitals and GP surgeries in the UK, as well as many large global organizations including Telefonica, FedEx and Renault.

Windows Security Catalogs and Effective Application Control

Solutions that provide application whitelisting or application control need to provide the administrator with a set of rules that can be used to precisely identify applications. The most common types of rule will check the file name or certain attributes of the file, as these rules are relatively simple to maintain, and in most circumstances will provide adequate protection, assuming a least privilege approach is in place, where users can’t tamper with application files.

Centralizing Windows Events with Event Forwarding

If you are interested in centralizing Windows events from your desktops or servers then you should take a serious look at Windows Event Forwarding. Event Forwarding is provided by Windows Remote Management (WinRM) and enables you to get events from remote computers and store them in the local event log of an event collector computer.

5 Tips for Flexible Desktop Lockdown

Desktop lockdown shouldn’t hinder a user from performing their day-to-day role. Rather, locking down desktops should provide a secure environment in which the user can effectively go about their tasks, without giving them the frustration of being ‘locked out’. Here we’ve provided 5 tips to help you on your way to achieving flexible desktop lockdown.

Embrace Group Policy, It Makes Sense…

It surprises me how few vendors use Active Directory Group Policy as a mechanism to centrally manage and deploy policy settings for their Windows-based products, and instead build their own backend infrastructure for this purpose. I could rattle off a long list of benefits, including hierarchical management, a strong security model that includes delegated administration, built-in replication, stability and scalability, to name but a few.

A Brief Introduction to Least Privilege

As a new software release for least privilege leaves the building, it seemed an opportune time to start blogging, not to plug the release of course, click here. Alright, I’m allowed one shameless plug in my first blog given the team have worked so hard on this release. But seriously, I’m hoping that my blog will become a balance between sharing my experience in the system management space, with a bias towards least privilege, and providing valuable insights into the Privilege Guard (Edit: now Defendpoint) product.
